cleanup: remove kube-proxy.json

Azure · Jul 5, 2024 · 7c70b35 · 7c70b35
1 parent 9fa231f
commit 7c70b35
Show file tree

Hide file tree

Showing 8 changed files with 28 additions and 74 deletions.
diff --git a/parts/linux/cloud-init/artifacts/components.json b/parts/linux/cloud-init/artifacts/components.json
@@ -381,6 +381,26 @@
       "multiArchVersions": [
         "v0.7.1"
       ]
+    },
+    {
+      "downloadURL": "mcr.microsoft.com/oss/kubernetes/kube-proxy:*",
+      "amd64OnlyVersions": [],
+      "multiArchVersions": [
+        "1.27.13",
+        "1.27.13-2",
+        "1.27.14-1",
+        "1.27.15",
+        "1.28.10-1",
+        "1.28.9",
+        "1.28.9-1",
+        "1.28.11",
+        "1.29.4",
+        "1.29.4-1",
+        "1.29.5-1",
+        "1.29.6",
+        "1.30.1-1",
+        "1.30.2-hotfix.20240613"
+      ]
     }
   ],
   "DownloadFiles": [

diff --git a/vhdbuilder/packer/install-dependencies.sh b/vhdbuilder/packer/install-dependencies.sh
@@ -459,34 +459,7 @@ fi
 cat /var/log/azure/Microsoft.Azure.Extensions.CustomScript/events/*
 rm -r /var/log/azure/Microsoft.Azure.Extensions.CustomScript || exit 1
 
-# this is used by kube-proxy and need to cover previously supported version for VMAS scale up scenario
-# So keeping as many versions as we can - those unsupported version can be removed when we don't have enough space
-# NOTE that we keep multiple files per k8s patch version as kubeproxy version is decided by CCP.
-
-# kube-proxy regular versions >=v1.17.0  hotfixes versions >= 20211009 are 'multi-arch'. All versions in kube-proxy-images.json are 'multi-arch' version now.
-
-KUBE_PROXY_IMAGE_VERSIONS=$(jq -r '.containerdKubeProxyImages.ContainerImages[0].multiArchVersions[]' <"$THIS_DIR/kube-proxy-images.json")
-
-declare -a kube_proxy_pids=()
-
-for KUBE_PROXY_IMAGE_VERSION in ${KUBE_PROXY_IMAGE_VERSIONS}; do
-  CONTAINER_IMAGE="mcr.microsoft.com/oss/kubernetes/kube-proxy:v${KUBE_PROXY_IMAGE_VERSION}"
-  pullContainerImage ${cliTool} ${CONTAINER_IMAGE} &
-  kube_proxy_pids+=($!)
-  while [[ $(jobs -p | wc -l) -ge $parallel_container_image_pull_limit ]]; do
-      wait -n
-  done
-done
-wait ${kube_proxy_pids[@]} # Wait for all parallel pulls to finish
-
-for KUBE_PROXY_IMAGE_VERSION in ${KUBE_PROXY_IMAGE_VERSIONS}; do
-  CONTAINER_IMAGE="mcr.microsoft.com/oss/kubernetes/kube-proxy:v${KUBE_PROXY_IMAGE_VERSION}"
-  ctr --namespace k8s.io run --rm ${CONTAINER_IMAGE} checkTask /bin/sh -c "iptables --version" | grep -v nf_tables && echo "kube-proxy contains no nf_tables"
-
-  # shellcheck disable=SC2181
-  echo "  - ${CONTAINER_IMAGE}" >>${VHD_LOGS_FILEPATH}
-done
-stop_watch $capture_time "Configure Telemetry, Create Logging Directory, Kube-proxy" false
+stop_watch $capture_time "Configure Telemetry, Create Logging Directory" false
 start_watch
 
 # download kubernetes package from the given URL using MSI for auth for azcopy

diff --git a/vhdbuilder/packer/pre-install-dependencies.sh b/vhdbuilder/packer/pre-install-dependencies.sh
@@ -30,11 +30,9 @@ CPU_ARCH=$(getCPUArch)  #amd64 or arm64
 VHD_LOGS_FILEPATH=/opt/azure/vhd-install.complete
 COMPONENTS_FILEPATH=/opt/azure/components.json
 MANIFEST_FILEPATH=/opt/azure/manifest.json
-KUBE_PROXY_IMAGES_FILEPATH=/opt/azure/kube-proxy-images.json
 #this is used by post build test to check whether the compoenents do indeed exist
 cat components.json > ${COMPONENTS_FILEPATH}
 cat manifest.json > ${MANIFEST_FILEPATH}
-cat ${THIS_DIR}/kube-proxy-images.json > ${KUBE_PROXY_IMAGES_FILEPATH}
 echo "Starting build on " $(date) > ${VHD_LOGS_FILEPATH}
 stop_watch $capture_time "Create Post-build Test" false
 start_watch
@@ -109,7 +107,7 @@ else
       sed -i "s#http://azure.archive.ubuntu.com/ubuntu/#https://snapshot.ubuntu.com/ubuntu/${VHD_BUILD_TIMESTAMP}#g" /etc/apt/sources.list
     fi
     apt_get_update || exit $ERR_APT_UPDATE_TIMEOUT
-    apt_get_dist_upgrade || exit $ERR_APT_DIST_UPGRADE_TIMEOUT    
+    apt_get_dist_upgrade || exit $ERR_APT_DIST_UPGRADE_TIMEOUT
   fi
 
   if [[ "${ENABLE_FIPS,,}" == "true" ]]; then
@@ -137,7 +135,7 @@ if [[ "${UBUNTU_RELEASE}" == "22.04" && "${ENABLE_FIPS,,}" != "true" ]]; then
   # Install lts-22.04 kernel
   DEBIAN_FRONTEND=noninteractive apt-get install -y linux-image-azure-lts-22.04 linux-cloud-tools-azure-lts-22.04 linux-headers-azure-lts-22.04 linux-modules-extra-azure-lts-22.04 linux-tools-azure-lts-22.04
   echo "After installing new kernel, here is a list of kernels/headers installed"; dpkg -l 'linux-*azure*'
-  
+
   update-grub
 fi
 stop_watch $capture_time "Handle Azure Linux / CgroupV2" false

diff --git a/vhdbuilder/packer/test/linux-vhd-content-test.sh b/vhdbuilder/packer/test/linux-vhd-content-test.sh
@@ -1,6 +1,5 @@
 #!/bin/bash
 COMPONENTS_FILEPATH=/opt/azure/components.json
-KUBE_PROXY_IMAGES_FILEPATH=/opt/azure/kube-proxy-images.json
 MANIFEST_FILEPATH=/opt/azure/manifest.json
 VHD_LOGS_FILEPATH=/opt/azure/vhd-install.complete
 
@@ -14,8 +13,8 @@ IMG_SKU="$6"
 
 # List of "ERROR/WARNING" message we want to ignore in the cloud-init.log
 # 1. "Command ['hostname', '-f']":
-#   Running hostname -f will fail on current AzureLinux AKS image. We don't not have active plan to resolve 
-#   this for stable version and there is no customer issues collected. Ignore this failure now. 
+#   Running hostname -f will fail on current AzureLinux AKS image. We don't not have active plan to resolve
+#   this for stable version and there is no customer issues collected. Ignore this failure now.
 CLOUD_INIT_LOG_MSG_IGNORE_LIST=(
   "Command ['hostname', '-f']"
 )
@@ -309,13 +308,13 @@ testCloudInit() {
   echo "$test:Start"
   os_sku=$1
 
-  # Limit this test only to Mariner or Azurelinux 
+  # Limit this test only to Mariner or Azurelinux
   if [[ "${os_sku}" == "CBLMariner" || "${os_sku}" == "AzureLinux" ]]; then
     echo "Checking if cloud-init.log exists..."
     FILE=/var/log/cloud-init.log
     if test -f "$FILE"; then
       echo "Cloud-init log exists. Checking its content..."
-      grep 'WARNING\|ERROR' $FILE | while read -r msg; do 
+      grep 'WARNING\|ERROR' $FILE | while read -r msg; do
         for pattern in "${CLOUD_INIT_LOG_MSG_IGNORE_LIST[@]}"; do
             if [[ "$msg" == *"$pattern"* ]]; then
                 echo "Ignoring WARNING/ERROR message from ignore list; '${msg}'"
@@ -390,21 +389,6 @@ testKubeBinariesPresent() {
   echo "$test:Finish"
 }
 
-testKubeProxyImagesPulled() {
-  test="testKubeProxyImagesPulled"
-  echo "$test:Start"
-  containerRuntime=$1
-  containerdKubeProxyImages=$(jq .containerdKubeProxyImages <${KUBE_PROXY_IMAGES_FILEPATH})
-
-  if [ $containerRuntime == 'containerd' ]; then
-    testImagesPulled containerd "$containerdKubeProxyImages"
-  else
-    err $test "unsupported container runtime $containerRuntime"
-    return
-  fi
-  echo "$test:Finish"
-}
-
 # nc and nslookup is used in CSE to check connectivity
 testCriticalTools() {
   test="testCriticalTools"
@@ -869,7 +853,7 @@ testPam() {
     # deactivate the virtual environment
     deactivate
     popd || (err ${test} "Failed to cd out of test dir"; return 1)
-    
+
     if [ $retval -ne 0 ]; then
       err ${test} "$output"
       err ${test} "PAM configuration is not functional"
@@ -956,7 +940,6 @@ testAuditDNotPresent
 testFips $OS_VERSION $ENABLE_FIPS
 testCloudInit $OS_SKU
 testKubeBinariesPresent $CONTAINER_RUNTIME
-testKubeProxyImagesPulled $CONTAINER_RUNTIME
 # Commenting out testImagesRetagged because at present it fails, but writes errors to stdout
 # which means the test failures haven't been caught. It also calles exit 1 on a failure,
 # which means the rest of the tests aren't being run.

diff --git a/vhdbuilder/packer/vhd-image-builder-arm64-gen2.json b/vhdbuilder/packer/vhd-image-builder-arm64-gen2.json
@@ -303,11 +303,6 @@
       "source": "parts/linux/cloud-init/artifacts/manifest.json",
       "destination": "/home/packer/manifest.json"
     },
-    {
-      "type": "file",
-      "source": "vhdbuilder/packer/kube-proxy-images.json",
-      "destination": "/home/packer/kube-proxy-images.json"
-    },
     {
       "type": "file",
       "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf",

diff --git a/vhdbuilder/packer/vhd-image-builder-base.json b/vhdbuilder/packer/vhd-image-builder-base.json
@@ -305,11 +305,6 @@
       "source": "parts/linux/cloud-init/artifacts/manifest.json",
       "destination": "/home/packer/manifest.json"
     },
-    {
-      "type": "file",
-      "source": "vhdbuilder/packer/kube-proxy-images.json",
-      "destination": "/home/packer/kube-proxy-images.json"
-    },
     {
       "type": "file",
       "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf",

diff --git a/vhdbuilder/packer/vhd-image-builder-mariner-arm64.json b/vhdbuilder/packer/vhd-image-builder-mariner-arm64.json
@@ -282,11 +282,6 @@
       "source": "parts/linux/cloud-init/artifacts/manifest.json",
       "destination": "/home/packer/manifest.json"
     },
-    {
-      "type": "file",
-      "source": "vhdbuilder/packer/kube-proxy-images.json",
-      "destination": "/home/packer/kube-proxy-images.json"
-    },
     {
       "type": "file",
       "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf",

diff --git a/vhdbuilder/packer/vhd-image-builder-mariner.json b/vhdbuilder/packer/vhd-image-builder-mariner.json
@@ -299,11 +299,6 @@
       "source": "parts/linux/cloud-init/artifacts/manifest.json",
       "destination": "/home/packer/manifest.json"
     },
-    {
-      "type": "file",
-      "source": "vhdbuilder/packer/kube-proxy-images.json",
-      "destination": "/home/packer/kube-proxy-images.json"
-    },
     {
       "type": "file",
       "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf",